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Listing of the Claims : 

This listing of claims will replace all prior versions, and listings, of claims in the application: 

1 . (Original) A method for isolating a plurality of ports on a layer 2 switch, comprising: 
configuring each of said plurality of ports by a user on said layer 2 switch as a protected 

port or a non-protected port; 

matching a destination address on a data packet with a physical address on said layer 2 
switch, said data packet received by an ingress port; 

generating a forwarding map for said data packet based upon said destination address on 
said data packet; and 

sending said data packet to said plurality of ports pursuant to said forwarding map. 

2. (Original) The method of claim 1 wherein said generating step further comprises sending 
said data packet to each of said non-protected ports if said destination address is not matched 
with said physical address and said ingress port is a protected port. 

3. (Original) The method of claim 1 wherein said generating step further comprises sending 
said data packet to all of said plurality of ports if said destination address is not matched with 
said physical address and said ingress port is a non-protected port. 

4. (Original) The method of claiml wherein said generating step further comprises allowing 
said data packet to be forwarded from one of said protected ports to each of said non-protected 
ports. 
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5. (Original) The method of claim 1 wherein said generating step further comprises 
allowing said data packet to be forwarded between each of said non-protected ports. 

6. (Original) The method of claim 1 wherein said generating step further comprises 
prohibiting said data packet to be forwarded between each of said protected ports. 

7. (Original) The method of claim 1 wherein said generating step further comprises 
allowing said data packet to be forwarded between one of said non-protected ports to each of said 
protected ports. 

8. (Original) A program storage device readable by a machine, tangibly embodying a 
program of instructions executable by the machine to perform a method for isolating a plurality 
of ports on a layer 2 switch, said method comprising: 

configuring each of said plurality of ports by a user on said layer 2 switch as a protected 
port or a non-protected port; 

matching a destination address on a data packet with a physical address on said layer 2 
switch, said data packet received by an ingress port; 

generating a forwarding map for said data packet based upon said destination address on 
said data packet; and 

sending said data packet to said plurality of ports pursuant to said forwarding map. 

9. (Original) An apparatus for isolating a plurality of ports on a layer 2 switch, comprising: 
a port configurer to configure said plurality of ports as a protected port or a non-protected 

port; 
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an address table memory storing an address table, said address table having a destination 
address and port number pair; 

a forwarding map generator generating a forwarding map; and 

said forwarding map responsive to a destination address of a data packet so that the data 
packet is forwarded either to a port number paired with the destination address in said forwarding 
table, or if not so paired, said data packet is forwarded to each of said non-protected ports on said 
switch if an ingress port is protected or if said ingress port is non-protected, said data packet is 
forwarded to all of said plurality of ports. 

10. (Original) The apparatus of claim 9 wherein said incoming packet is forwarded from one 
of said non-protected ports to other non-protected ports. 

1 1 . (Original) The apparatus of claim 9 wherein said data packet is forwarded from one of 
said protected ports to each of said non-protected ports. 

12. (Original) The apparatus of claim 9 wherein said data packet is forwarded from one of 
said non-protected ports to each of said protected ports. 

13. (Original) An apparatus for isolating a plurality of ports on a layer 2 switch, comprising: 
means to configure each of said plurality of ports on said layer 2 switch as a protected or 

non-protected port; 

means to match a destination address on a data packet with a physical address on said 
layer 2 switch, said data packet received on an ingress port; 
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means to generate a forwarding map for said data packet based upon said destination 
address on said data packet; and 

means to send said data packet to said plurality of ports pursuant to said forwarding map. 

14. (Original) The apparatus of claim 13 wherein said means to generate a forwarding map 
further comprises a means to forward said data packet to each of said non-protected ports if said 
destination address is not matched with said physical address and said ingress port is a protected 
port. 

15. (Original) The apparatus of claim 13 wherein said means to generate a forwarding map 
further comprises a means to forward said data packet to all of said plurality of ports if said 
destination address is not matched with said physical address and said ingress port is a non- 
protected port. 

16. (Original) The apparatus of claim 13 wherein said means to generate a forwarding map 
further comprises a means to allow said data packet to be forwarded from one of said protected 
ports to each of said non-protected ports. 

17. (Original) The apparatus of claim 13 wherein said means to generate a forwarding map 
further comprises means to allow said data packet to be forwarded between each of said non- 
protected ports. 
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18. (Original) The apparatus of claim 13 wherein said means to generate a forwarding map 
further comprises prohibiting said data packet to be forwarded between each of said protected 
ports. 

19. (Original) The apparatus of claim 13 wherein said means to generate a forwarding map 
further comprises allowing said data packet to be forwarded between one of said non-protected 
ports to each of said protected ports. 

20. (Original) A method for isolating a plurality of ports on a layer 2 switch, comprising: 
maintaining a state for each of said plurality of ports on said layer 2 switch as a protected 

port or a non-protected port; 

matching a destination address on a data packet with a physical address on said layer 2 
switch, said data packet received by an ingress port; 

generating a forwarding map for said data packet based upon said destination address on 
said data packet; and 

sending said data packet to said plurality of ports pursuant to said forwarding map. 

21. (Original) The method of claim 20 wherein said generating step further comprises 
sending said data packet to each of said non-protected ports if said destination address is not 
matched with said physical address and said ingress port is a protected port. 

22. (Original) The method of claim 20 wherein said generating step further comprises 

sending said data packet to all of said plurality of ports if said destination address is not matched 

with said physical address and said ingress port is a non-protected port. 
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23. (Original) The method of claim 20 wherein said generating step further comprises 
allowing said data packet to be forwarded from one of said protected ports to each of said non- 
protected ports. 

24. (Original) The method of claim 20 wherein said generating step further comprises 
allowing said data packet to be forwarded between each of said non-protected ports. 

25. (Original) The method of claim 20 wherein said generating step further comprises 
prohibiting said data packet to be forwarded between each of said protected ports. 

26. (Original) The method of claim 20 wherein said generating step further comprises 
allowing said data packet to be forwarded between one of said non-protected ports to each of said 
protected ports. 

27. (Original) A program storage device readable by a machine, tangibly embodying a 
program of instructions executable by the machine to perform a method for isolating a plurality 
of ports on a layer 2 switch, said method comprising: 

maintaining a state for each of said plurality of ports on said layer 2 switch as a protected 
port or a non-protected port; 

matching a destination address on a data packet with a physical address on said layer 2 
switch, said data packet received by an ingress port; 

generating a forwarding map for said data packet based upon said destination address on 
said data packet; and 

sending said data packet to said plurality of ports pursuant to said forwarding map. 
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